DNAT issue with iptables
Hi Guys
I'm very much a n00b when it comes to iptables etc. Here's my setup: 2 NICs, WAN & LAN.
eth0 = LAN = 192.168.10.10
eth1 = WAN = 123.123.123.123
I am trying to DNAT incoming traffic on 123.123.123.123:9180 to 192.168.10.10:80.
Rule I'm using:
-A PREROUTING -i eth1 -p tcp -m tcp --dport 9180 -j DNAT --to-destination 192.168.10.10:80
where the --dport 9180 is that of eth1. Is this correct, or what am I missing? For the life of me I cannot get this to work. Does my HTTP server need to use my router as the default gateway?
Any help will be greatly appreciated, I'm really just trying to get my head around iptables etc.
You have to add a rule to the firewall to allow the NATed packets on the FORWARD chain.
Code:
iptables -A FORWARD -p tcp -i eth1 -o eth0 -d 192.168.10.10 --dport 80 --sport 1024:65535 -m state --state NEW -j ACCEPT
Is ip_forward allowed?
Code:
cat /proc/sys/net/ipv4/ip_forward
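An added example, not part of the original posts: a Python check that applies both suggestions from the replies to an `iptables-save` dump and the value read from `/proc/sys/net/ipv4/ip_forward`. The sample dump, the function names and the assumed DROP policy on FORWARD are constructed for illustration, and the ESTABLISHED-state check goes beyond what the thread states.

```python
import shlex

# Constructed iptables-save dump: the thread's DNAT rule plus the suggested FORWARD rule.
SAMPLE = """\
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth1 -p tcp -m tcp --dport 9180 -j DNAT --to-destination 192.168.10.10:80
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -d 192.168.10.10/32 -i eth1 -o eth0 -p tcp -m tcp --sport 1024:65535 --dport 80 -m state --state NEW -j ACCEPT
COMMIT
"""

def parse_rules(dump):
    """Return [(table, chain, {option: next token})] per -A line; '!' negation is ignored."""
    rules, table = [], None
    for line in dump.splitlines():
        if line.startswith("*"):
            table = line[1:].strip()
        elif line.startswith("-A "):
            tok = shlex.split(line)
            opts = {k: v for k, v in zip(tok[2:], tok[3:]) if k.startswith("-")}
            rules.append((table, tok[1], opts))
    return rules

def state(rule):  # connection states the rule is limited to, '' if it has no state match
    return rule.get("--state", rule.get("--ctstate", ""))

def diagnose(dump, ip_forward):
    """List reasons DNAT'd traffic would not be forwarded (assumes FORWARD policy DROP)."""
    rules = parse_rules(dump)
    fwd = [o for t, c, o in rules if (t, c, o.get("-j")) == ("filter", "FORWARD", "ACCEPT")]
    problems = [] if ip_forward.strip() == "1" else ["ip_forward is off"]
    for t, c, o in rules:
        if t != "nat" or o.get("-j") != "DNAT":
            continue
        ip, _, port = o["--to-destination"].partition(":")
        port = port or o.get("--dport")
        # filter/FORWARD sees the packet after DNAT, so match the rewritten address and port.
        if not any(f.get("-d", ip).split("/")[0] == ip and f.get("--dport", port) == port
                   and f.get("-i", o.get("-i")) == o.get("-i")
                   and (not state(f) or "NEW" in state(f)) for f in fwd):
            problems.append(f"no FORWARD ACCEPT for new connections to {ip}:{port}")
    # A NEW-only rule passes only connection-opening packets; replies need their own rule.
    if not any("ESTABLISHED" in state(f) for f in fwd):
        problems.append("no FORWARD ACCEPT rule matching ESTABLISHED state")
    return problems
```

On a live router, pass the output of `iptables-save` and the contents of `/proc/sys/net/ipv4/ip_forward` as the two arguments.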